Colin Sampaleanu wrote:
Ray Krueger wrote:
Colin Sampaleanu wrote:
Ray Krueger wrote:
I just wanted to take a moment to introduce myself. My name is Ray
Krueger, and after some off-list discussions with Ben Alex, I will
be working on integrating JAAS into the Acegi framework.
I have already written the base implementation for a JAAS based
AuthenticationProvider. The JAASAuthenticationProvider is
more-or-less a wrapper around a LoginContext object. The
LoginContext object is configured by passing the
JAASAuthenticationProvider the name of the LoginContext, and the
JAAS configuration file to read.
The implementation also provides a JAASCallbackHandler interface
that is similar to he CallbackHandler interface in the 'true' JAAS
api. The new interface provides a setter for the Authentication
object, so that the callbackhandler can have a reference to the
user data at execution time.
This is for cut and paste code reuse of an existing JAAS based
provider, when JAAS is not in fact actually available?
I'm not exactly sure what your asking...
Are you asking about the whole JAAS implementation, or the
Callbackhandler interace itself?
Although you stated it pretty clearly, I inexplicably didn't see the
part about the JAASCallbackHandler interface having a setter for the
Authentication object, so I was trying to figure out why the interface
was there, and that's the first thing that came to mind (since I did
something similar almost 3 years ago when I did a security framework
that was sort of based on JAAS and the idea of trying to reuse JAAS
providers at a source code level).
Aaaah. Gotcha. The JAASAuthenticationProvider passes an inner class to
the LoginContext that implements the Callbackhandler interface. When the
LoginContext calls the handleCallbacks() method on the innerclass, it
iterates through the JAASCallbackHandlers, and calls their
setAuthentication() and handleCallbacks() methods.
There is also the AuthorizationGranter interface (that needs a
better name). After LoginContext.login() is called by the
JAASAuthrizationProvider, the principals are retrieved from the
Subject (LoginContext.getSubject().getPrincipals()). Each Principal
is then passed to the AuthorizationGranters for evaluation. If the
AuthorizationGranter wishes to grant a given role to the
Authentication, it simply returns the role name that it was
configured with in the ApplicationContext. If it does not wish to
grant anything, it returns null.
That is the short explanation of the first part of the JAAS work.
The simplest configuration is really just using the
JAASAuthenticationProvider instead of the
DaoAuthenticationProvider. All method invocation, and url
Authorizations are still handled by Acegi. It is just the
Authentication part that is handled by JAAS. We'll add on from there.
I will be committing the first parts in the next day or so. I look
forward to any and all feedback.
Thanks for having me!
-Ray Krueger
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
_______________________________________________
Acegisecurity-developer mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
